A while back I had an issue with Lastpass settings not being properly enabled on my account. I discovered that all settings were rendered, and in order to disable them they used 'display: none' rather than not rendering them on the dashboard at all.
The fix was for me to disable Display: none and it gave me access to the feature in a limited way.
After reaching out to support with screenshots, they fixed the issue and I gained full access, but it is clear to me that Lastpass uses 'display: none' as feature gating and that their software is absolute garbage.
Yeah, it's probably some homie in engineering maliciously compiling with the directions of some wannabe MBA who hates their customers and couldn't keep a business running if it was handed to them on a silver platter.
Is LastPass one of those password managers that only encrypt passwords and leave other data as is? I always cringe when password managers do that. This is a funny joke for anyone who understands even a little about cryptography.
In their defense, the treat model was way different back when they were using local vaults; I suspect the old "cloud storage" model they used placed each individual user who chose to sync opvault to the cloud at some risk, but short of Dropbox or OneDrive themselves getting popped, the cloud attack against 1P vaults was very limited
It doesn't escape me that their threat model could still be that, if they'd relent the cloud-only licensing choice
According to their security notice from a couple days ago, they have "fully-encrypted sensitive fields such as website usernames and passwords, secure notes, and form-filled data."
So, according to them, they encrypt the other fields. I suppose the website field is unencrypted to enable autodetection or something like that.
They specifically do encrypt everything, with URLs being only briefly exposed for favicons (a feature you can turn off easily in 1P and in bitwarden where it is also done.)
I don't understand enough to know why it's a bad idea but Cryptography is the practice and study of techniques for secure communication in the presence of adversarial behaviour, so this part seems clear to me.
It's a bad idea because URLs, email addresses and user names help with phishing, identity theft, social engineering, matching with other leaks, may lend themselves to blackmail (certain dating apps) or otherwise endanger people (gay dating apps in certain places), for very questionable benefit. No definite idea if they really do that, but if they did, that would strike me as irresponsible.
Also, I think the failure here is to not use cryptographical methods in the first place which would seem to be a screw-up in a different security specialty.
This is very frustrating... I operated with LastPass on the assumption that the other data was encrypted in there. So backup authentication codes stored. Alas, time to invalidate a bunch of crap.
As a shameless plug I'd like to suggest the project that I have been using for my personal credentials for quite some years now: https://derivepass.com/ . The encrypted website metadata is stored only locally (with only optional remote sync, and even that has to be your own server), and the passwords are not stored at all (they are generated from your master password).
So I've been happily using LastPass for a long time, but it looks like it's time to migrate off this dumpster fire. What's the HN consensus on the best replacement (which must be usable by my entire family) and, at least as importantly, is there a reasonably painless migration path?
Bitwarden. I’ve been using them ever since Lastpass discontinued their free version. I simply made a text file export of all my pw’s on lastpass and imported them into Bitwarden. Just make sure you delete your text file!
I have been self-hosting bitwarden_rs for many years now, and am very happy with it. It's free as in freedom, open source, and designed to be run and operated and secured by you exclusively, so you have full control over your data and don't need to rely on a third party being available.
> designed to be run and operated and secured by you exclusively
Which means you have to secure it. That's something a lot of people will not know how to do properly, and an insecure server with Bitwarden exposed to the public internet may turn out to be worse than trusting e.g. 1Password. Just something to keep in mind when making that decision.
If that's what you prefer, you can use Bitwarden.com and let them host and secure it. It's just an advantage for Bitwarden that if you want to, you can self-host.
Compared to 10-15 years ago, securing a deployment of a web service is trivial today. Let's Encrypt gets you TLS certificates for free. Wireguard gives you an out-of-the-box secure VPN solution so you can access services outside of your home network (setup is even easier now that it's part of the kernel). Wire everything together with Nginx/Caddy/Traefik and you're off to the races.
It may be trivial to throw something together that works (I think it's still pretty hard unless you do devops stuff a lot, which hardly anyone will) but it's not going to be very secure, at least not down the line.
- Where do you host all that? If on your home network, then your availability is probably not going to be great. Sucks to be travelling and unable to get to anything because your Wireguard Raspberry Pi died, so you need to make sure you don't need that. If using a cloud or other IaaS you run similar risks to 1Password etc., same with "conventional" root server hosters. If they get owned, you may too.
- How secure is your domain name? DNS? Your app may not warn you if the server answering isn't the one that answered yesterday.
- Is your OS hardened? What else is running on your critical machines? How do you keep everything updated, OS and the actual applications?
- How do you keep abreast of zero days and critical issues in the exposed components?
- How do you know when automatic updates fail? How do you know you've been compromised?
- Do you keep all your machines on the same network? Can a smart lightbulb be an exploit vector?
- What about machines that access Bitwarden or whatever directly – how secure are those?
- What will the whole thing cost, both in terms of time and money? What about upskilling?
- If you manage this for others, which is something that cloud services excel at, with rights management and the like: Are you ready to admin this for the long run, do "customer" service, etc.?
Not saying everyone will need to have cover all those bases, or that you couldn't or wouldn't just take some risks, but if the aim is to get better security than e.g. 1Password with their security teams and posture, then it's worth to at least try to have a complete picture and make conscious decisions on them. What needs to be covered will depend on a lot of factors, including how exposed you think you are.
There may not have been any mass-takeovers of badly secured domains, but we've seen during the Log4J incident that a lot of people believe not being listed on Google means their services cannot be discovered only to find they're getting hammered with attacks, and that attackers have levelled up their capabilities a lot, with large-scale and surprisingly well-engineered attacks springing up pretty quickly. That trend will likely continue and that combination of very capable attackers perceived as incompetent and lots of false assumptions about the actual risks is pretty dangerous; a lot of people will not realize how exposed they are because HTTPS==secure, right?
That no one has targeted self-hosted Bitwarden instances on a large scale so far is no guarantee that no one ever will. People are presumably trying to breach 1Password all the time and so far they seem to hold up well, though LastPass hasn't. What risk is bigger? That a homebrew setup is falling to an untargeted mass exploit? That someone will target you with something more sophisticated? That 1Password is breached and keeping data they say they don't? That LastPass keeps data they everyone assumes they don't but never publicly said they don't, and get breached? If anyone knows, I'd like the details of their analysis, because to me it doesn't seem straightforward at all.
Yet another fine reason to use 1Password, which puts a lot of time and attention into user experience stuff like this. I know Bitwarden is the Internet's darling, but holy hell the user experience is so aggressively bad
I would give 1Password the advantage if for no other reason than they've been at it longer, and thus have seen more crazy stuff. I believe Bitwarden claims to have multiple security audits, so I do believe they take it seriously, but (and this part is just my opinion) they execute so much other stuff so poorly that alone lowers my trust in them. For clarity, 1Password also has multiple security audits, and have done a very good job of publishing the specifications for their formats, which further contributes to my trust in their execution
Bitwarden's previous(?) on-premises deployment script was a raging tire fire, which I openly admit is not exactly a _security_ issue, but it further lowers my lack of faith in them
With all that said, I think both Bitwarden and 1Password are miles and miles ahead of LastPass, so one will for sure be better off just picking one and trying it out. It seems to be a reversible decision, if you wanted to switch again
In other threads about this I was reminded that 1Password also has a security key that is known only to the client, and thus would not be leaked in the event of a cloud breach. In order to unlock the vault, one needs both pieces of information: the secret key and the master password. The secret key is cached on the client, which is why I had forgotten about it, but it is required for unlocks nonetheless
Thus the advantage goes to 1Password here, since Bitwarden does not require that "second factor" known only to the client (and I'm not talking about 2FA for logins, I mean for the vault)
KeePassXC with the DB stored in Resilio Sync for me. It's just convenient that way because I've got a home server that everything gets synced with so I don't have to rely on devices being awake at the same time.
Same here but with syncthing, so no "central cloud" storage.
I've used various clients with the keepass db format for years now and have not yet been disappointed. Browser integration, Windows, Linux, Mac, and Android clients, open source, encryption I (naievely) trust... ticks all the boxes for me.
Probably not the “HN consensus”, but if you have apple devices the built in password manager works great for me. Can even setup totp with each site and safari will auto fill
I pay close attention to the UX and UI of the tools that I use that are security critical.
I switched off of LastPass 2 years ago and convinced my brother to do the same because some things in LastPass apps started to feel very old, especially their 2FA implementation, which signals to me that either their stack is inflexible or there's a lot of churn in their dev teams. When those things are true, that means they're probably just maintaining old code instead of evolving it. Or even more terrifying: they don't know what needs to evolve.
Their interface has always felt clunky and outdated. I used to use them many years ago but ended up switching to Bitwarden and then to 1Password. I checked Lastpass out again a year or two ago, when evaluating if I wanted to stick with 1Password, and I was shocked to see that absolutely nothing had changed about their interface. Their password import-export mechanism was still a mess too. I had to manually fix-up many entries in the output CSV.
I work at a large company and against the opinion of many engineers and infosec folks, lastpass was picked as our preferred corporate password storage. I'm just waiting for a call from infosec asking me to log on and to rotate a bunch of creds. Happy Holidays.
Our new parent company -- that works in a security-sensitive industry -- rolled out LastPass over the last few months.
I sent a warning letter to the CISO listing the previous hacks and vulnerabilities in LastPass.
Then this new hack happened, and the CISO sent out a letter saying that there is nothing to be concerned about and that all is well.
When the news broke that the breach was worse than predicted, I sent another letter to the CISO highlighting the concern.
So far, I've had zero responses to any of my emails. Just radio silence. The cold shoulder treatment. Dogs barking in the distance. Etc...
I'm starting to suspect that the CISO is getting some sort of kickback from LastPass, because he's doubling down with every breach on a bad decision.
Has anyone else had any experience with LastPass offering outright bribes to senior staff to get sales? If I can point to a precedent, that would be helpful.
There is absolutely no reason to suspect kickbacks when there is already a massive incentive to not be seen as responsible for a massive blunder and waste of company resources.
The moment some exec pushes for some tech or process change, they become incentivized to ignore all problems and sell it as a success.
> I'm starting to suspect that the CISO is getting some sort of kickback from LastPass, because he's doubling down with every breach on a bad decision.
Corporate Occam's Razor says that either the CISO thinks that reverting the LastPass move right now would be a business mistake, or that ordinary big-company politics is a factor (in either doubling-down to protect from political fallout, or having to do things delicately behind the scenes).
On corporate politics, your paper trail letters to the CISO could be awkward. You might've tried collegial verbal dialogue with them first.
Corporate INFOSEC has a lot of nonsense, the CISO is often the predetermined fall-person when something inevitably goes wrong, and a paper trail that looks like the CISO made an oops despite being warned isn't a great situation for the CISO.
Fortunately for the CISO, mess-ups by vendors like LastPass are commonplace in enterprise software, and people routinely go unscathed for much obviously worse corporate purchasing/deployment decisions. Bad decisions are almost the norm.
He doesn’t need to be getting a kickback. He probably just wants to spin as hard as he can that his poor choice cost did not cost the company a bunch of money.
I totally side with you. But what do you expect? That some senior manager admits he did a mistake? This will never happen. Too many times did I witness similar situations.
The only thing possible would be something like "reevaluating the situation due to new informations" or an otherwise heroic element, that shows how important CISO is will change the situation. This must come from outside channels: "The prophet has no honor - or at least, little - in his own country" ;)
It's human nature to repeatedly double-down on any strongly stated opinion until its defence becomes untenable. It takes repeated intentional practice to keep your ego in check.
Oh dear, what you were doing was just a little bit less than pointing at the CISO's nose and saying: "Look, you don't know what you are doing by choosing such a sh*tty product!" Of course, nothing going to happen. As any actions taken afterwards to mitigate the issues you highlighted can be and amlost for sure will be taken as evidence of failing to do his/her job. All office politics, nothing to do with facts.
At my previous employer I remember saying don't do it with LastPass as the credentials will get stolen. The so-called tech lead said, "I hear what you're saying but it's been decided." I wonder what he is thinking now when he hears about this. Probably nothing.
In light of this breach, can someone explain to me why it's not stupid to keep all your passwords in one place? I've never used a pw manager because it seems absolutely inevitable that these sorts of leaks happen. It just seems like an incredibly put all your eggs in one basket cargo cult type move. I just can't stomach single points of failure like that for anything worth protecting.
Using a password manager is one of those infosec memes that gets oft repeated but doesn't make a lot of sense to me as being "more secure". To me it seems like your passwords existing outside of your head in any way is a risk, and to have them all in one place (even encrypted) seems way worse than having to go through the reset dance every once in a while because you forgot one.
EDIT: I was being a bit snarky and I apologize. As some commenters have rightly pointed out for the average person this is better than the uneducated alternative of using the same PW everywhere, and as method for reducing a random person's risk exposure it is extremely transmissible vs the alternatives.
That being said (as a commenter pointed out I should have included this in the post originally) I believe there are alternatives that are more secure such as using a mental algorithm that generates a unique password per site. I don't think that these sorts of things are prohibitively complicated, and I think never storing passwords outside of your head has a lot of benefits. That's my personal approach and I think it's a better way to go.
P.S. A lot of the fault lies with requiring accounts for things that don't actually require an account. Another problem that comes out of the SaaS model which can be completely avoided by just not making SaaS.
The average person, when not allowed to use a convenient password manager, will either use the same password for every site or come up with a predictable pattern. Encouraging a password manager helps make sure they don't get destroyed completely when a blog they signed up on 5 years ago is hacked.
This is partly because so many things want an account now. I have over 500 passwords saved, it would be straight up impossible to remember unique strings for each site.
> This is partly because so many things want an account now. I have over 500 passwords saved, it would be straight up impossible to remember unique strings for each site.
I'd argue that it is not just about remembering passwords. A password manager also helps you remember that you even have an account. I have a similar number of passwords stored as you and there's no way I'd remember all the sites I signed up for (never mind the passwords) if not for the password manager I use.
If I was diligent I could probably track them via confirmation emails (or self-authored "confirmations" for services that don't send a confirmation email), but I can guarantee that a lot would slip through the cracks if I were to attempt that.
A password manager also gives you a convenient place to store (and share) secrets, recovery keys, SSH keys, and similar bits of security related information that you cannot memorize.
In addition, password managers are much better than the average human at avoiding phishing attacks. The chances of the password manager auto-filling your normalwebsite.com password on nomalwebsite.com or normal-website.com are infinitesimally low compared to the chances of an average user doing so.
I use BitWarden, but I'm thinking of self-hosting BitWarden. BitWarden's commercial offering might be tempting to crack from a hacker's perspective, but I don't think they would go after a specific user's instance.
there's a non-zero risk of hosting it yourself and not keeping up with the maintenance/security updates of whatever server you host it on. gotta weigh that in the calculus. It might not be likely that they target you specifically but there could be a drive by bot that slurps up your password vault.
Most people seem to think it needs to be accessible online. Remote Access =/= Internet Access. Self hosting an external vault, using VPNs, and requiring MFA access make the vault tricky to get to in the first place. You’re machine would need to be compromised first for an attacker to even connect to it—and at that point you’re compromised (and probably keylogged).
If you’re actively under attack no Password Manager, mental algorithm/ password pattern, Yubikey, or MFA will prevent someone from just using your authenticated session(s).
Does that mean we shouldn’t use these mechanisms? Of course not. When the risk is only realized with full compromise—saying XYZ could pose a threat is moot from a security perspective.
> Self hosting an external vault, using VPNs, and requiring MFA access make the vault tricky to get to in the first place.
ok but that also is prone to a weakness in any part of that chain assuming you even set it up properly in the first place. each piece is another layer that can be hacked or improperly setup.
> This is partly because so many things want an account now. I have over 500 passwords saved, it would be straight up impossible to remember unique strings for each site.
How many of those accounts are essential?
I create throw-away accounts on the regular.
There are many accounts, but few that really matter. For the ones that matter I take care to make sure I have the passwords. For the rest, who cares :)
If you go for the shared strong secret part "uniquefied" by an added per-site trivial part (not saying that you should), you increase risk the longer the trivial part gets: if an attacker somehow determines that your password here is 123hacker456news789 they will easily guess that they can get into your Facebook using 123face456book789. Less easy if it's 123h456n789 (Because you don't really use the spaceballs password, in reality h and n don't stand out half as much). If it's 123c456w789 guessing Facebook's 123c456o789 from that would be quite close to brute forcing unless they get their hands on dozens off that kind.
The best tradeoff for me is (2)+(3) sacrificing (1), so I use a local password manager (named 'pass'). That said, I would never trust a 3rd party like LastPass.
Choose a complex base password + a memorizable _algorithm_ that combines (eg) domain names with the base password. That satisfies all of your requirements, and it's not super difficult to create an algorithm that is easy to perform mentally and hard to reverse.
I started doing this in college, and it's been super easy to keep up and my passwords are pretty secure.
I did this before using a password manager. I found that it does work but it's still a pain.
For example, what do you do when you're forced to change a password? You need to remember that this website doesn't follow the rule. There's also the case of password being used by several websites with different names or urls, you need to remember which is the base one.
Also it's really convenient to store other things than passwords in the password maanger. Like some notes, your customer number, which email you signed up with, some PIN they give you...
Not being able to do #1 can be a feature. If you can’t easily login to your accounts it adds just the right amount of friction to buying things online.
I'm on the opposite side: I don't understand how a password manager can be compromised. Your passwords are encrypted and decrypted OFFLINE, on your device. You only ever send the ENCRYPTED vault. Your key never transits. How is that complicated?
As far as I know, it’s only believed that the attackers have the encrypted vaults of LastPass users.
However, that does mean they can attempt to “brute force” the encryption, trying any number of passwords as often as they like - and it seems some earlier versions of LastPass used rather poor choices with that cryptography, meaning the amount of effort needed to make an attempt is lower than other similar services (plus some users may have rather poor master passwords, making them easier to guess).
Which is why it's strange to hear Steve Gibson so breathlessly defending LastPass, claiming secrets aren't really at risk. It's like he read some white papers, met some LP employees, and decided it's unhackable.
Consider that many users may have had very guessable vault passwords, and encryption generally gets weaker as hardware and techniques advance.
They did encrypt the vaults. The problem is that for accounts that were opened before 2017 the used an encryption algorithm that can be cracked with modern hardware. Not a typical desktop GPU, but someone with some firepower could pick an account and crack the master password in a reasonable length of time (on the order of weeks/months).
I'm not saying for a moment that Lastpass are competent (there's plenty of evidence to the contrary), but... saying that this isn't complicated seems a bit much. This is an extremely complex set of transactions where many many things can be done incorrectly.
There's also of course the general as-yet-not-conclusively-solved problem of non-reproducible builds / trusting remotely-updated code.
Yeah, I don't consider my encrypted vault to be particularly sensitive.
I guess someone could key log my master password on my device, copy my vault and pwn me everywhere.
Also, when quantum computing becomes practical enough we password manager users might be in trouble, but surely in that case major changes in infosec would be needed regardless.
Not passwords, but the hackers have some unencrypted data because LastPass did not encrypt all vault data client-side:
"The threat actor was also able to copy a backup of customer vault data from the encrypted storage container which is stored in a proprietary binary format that contains both unencrypted data, such as website URLs" - https://blog.lastpass.com/2022/12/notice-of-recent-security-...
The "such as..." without enumerating everything is very ominous as well.
I believe they are only the encrypted vaults, but with the cost of compute plummeting and the inclusion of unencrypted data alongside the encrypted data I think you have reason to worry if you believe there are people who would perform a dedicated attack on you, or you are in a class likely to be identified as high value.
You should do some actual math to roughly estimate what it would take to crack a good password. Use a strong password, use a resource-intensive key derivation function, and you should feel extremely comfortable that your encrypted data will not be cracked within your lifetime.
The attack vector I'm worried about is a website I use improperly storing passwords (plaintext, etc) and having a leak. To protect against this I use a unique password per website. I cannot possibly remember a unique, secure password for every website I use.
For example, I am old and can't remember sh-t. I can only remember one master password, and I've already forgotten it twice. Now have it backed up on a piece of paper. Looking forward for a day when I forget where I put that piece of paper ...
It's not just age. If you don't use a password often you will definitely forget it unless you have a mental algorithm to generate those passwords like parent commenter suggests.
Use an offline password manager, avoid SaaS. Make sure it's secured with Argon2 and burns a a few seconds of compute to unlock. Use hardware MFA tokens for your most critical accounts.
You could also tie individual copies of the database to the machine's TPM and only sync after decrypting (yet another factor).
> I believe there are alternatives that are more secure such as using a mental algorithm that generates a unique password per site.
That gets tedious when you also have to conform to stupid, different password policies on various sites.
If you want to compartmentalize things you could use multiple password databases with different master passwords? The master password is still something you have in your head.
If you don't keep your 2FA keys in your password manager, it offers much better protection than anything you can come up with in your head.
What happens when you need to change a password on one site? How do you know which password algorithm you're using on which site now?
Why am I asking you this? Because I was in the same situation and it became difficult to track. Now I keep all my passwords in a password manager, my 2FA codes in another app/service, and my recovery codes in the third place that's not connect with the first two in any way. Similarly, obviously, I don't have my 2FA service account + password in my password manager.
Not only could you forget it, I imagine it's going to be pretty difficult to have a mental algorithm that's going to be secure against a couple of your passwords being compromised. So if someone wanted to target you, I bet they'd have a decent chance of cracking the algorithm. Now of course, unless you're a prominent figure, that's very unlikely. But so is a full breach of a major PW manager (preferably not LastPass).
I don't think you need to be a prominent figure to be worried about being targeted specifically. If you date someone in infosec and then break up with them they could easily become a stalker who searches haveibeenpwned for your accounts and starts whittling away at your passwords...
I was opposed to pw managers too, but then found out that my "master" password was leaked, which means I needed to reset all passwords (and good luck doing that because are you keeping a list of all sites you are using?)
I also found out that I can easily forget passwords if they outnumber 5. Doing creative passwords around websites also does not generate enough entropy if one of your passwords is leaked.
I then tried Trezor/Ledger and Yubi. They are the best solution, theoretically. However, I find myself more than once in a situation where I am at an airport and I need quick access to something through my phone. All options above require a laptop, though with Yubi NFC it might be possible. But that means you are also taking your Yubi everywhere you go...
Bitwarden fixes all of that, or any pw that is open source and self-hosted. I'm using the paid version because 1. I want to support them and 2. self-hosted can be a dangerous option if your server goes down and you are locked out of your stuff...
For the job I work at, I easily have 100-200 accounts that I need access to (we have multiple environments for the same projects, so things tend to get inflated very quickly). The accounts that I need to access are accounts that I did not make, and do not have admin control over. If I didn't have a password manager that someone could "share" these passwords to me, I would instead have to do some wonky method of:
Employee sends me two emails encrypted. Email 1 contains a list of usernames. Email 2 contains a list of passwords.
Any time I need to access any site, I need to open up the two files that were sent, count down to whatever line that project would be relevant to, then copy/paste the username from the first file. Then do the same with the other. (And hope that I didn't miscount.)
This also doesn't account for things like password expiration. Some of our projects require it, while others don't. I would constantly be receiving new encrypted emails with this info from people, and be struggling to keep the locally stored files updated.
This would then also open me up to higher risk in that, if my computer ever got compromised, or anyone elses for that matter, than then every single password would have to be changed for every single site, and new encrypted emails would have to be sent out.
It's stressing me out just to think about, honestly.
Password managers are, honestly, kind of a clunky and weird idea. I think that the sorts of problems we see are likely always going to be an issue, but until we get passed the entire idea of even using username/password as the standard, than we're going to need a means to manage them in this way. Basically, I wouldn't call Password Managers "secure" but I'd call them "secure-ish". It's making the best of a bad situation.
The part I don't get about these discussions is that Firefox saves passwords offline for me just fine, and I have to trust my browser to handle my passwords already anyway. Sure, I have to manually copy a password between devices sometimes. Happens maybe three or four times a year, big f'ing deal.
There's absolutely no reason to add more attack surface by using a password manager.
Think about it for a moment. Which is more likely to be compromised: A widely advertised central location storing thousands of peoples’ passwords, or a single user’s passwords on their local computer accessed through an app which doesn’t even access the internet?
Providing that the vault is fully encrypted/unencrypted locally, in what way is it going to be compromised?
If someone wants to avoid having their vault in a LastPass/1Password/… cloud for some reason, it’s also possible to sync the vault through general use cloud solutions like Mega/Dropbox/…
If the cryptography and its implementation is perfect, and you choose a high entropy, well-guarded secret, then encryption is enough on its own. However, being a security researcher, I observe that this is not how the world works in practice, and so encryption is only a single layer in a defence in depth approach. There's little reason to destroy another important layer by centralising all the passwords in a single lucrative bucket.
An obvious way to attack typical cloud password managers is via their web apps, which is an endpoint attack and hence bypasses the encryption. This type of attack is much harder for native, offline password managers.
There's this persistent vague myth on HN that there's something terrible about having an encrypted blob publicly exposed, which to me demonstrates a total lack of understanding about cryptography. Or they're just using weak passwords. Don't do that.
The problem here is that a bunch of unencrypted data was exposed, which is really bad and dumb of LastPass.
If you assume the strongest opposing argument, it's clear the "myth" isn't arising from a misunderstanding of cryptography. Rather, it's arising from the practical observation that password managers are not perfect, and therefore encryption is often not sufficient. In fact, you offer this argument yourself in your comment -- it is really bad and dumb of LastPass, and yet it happened, because these things happen in reality.
Exploiting bugs in the end-user web application, accidentally exposing unencrypted data, unnecessarily collecting all data in a single location in the first place, a break in cryptography leading to a total break of security are all failure modes that only affect cloud password managers.
You could just tell users to write down their unique passwords physically and store them somewhere safe instead of reusing the same password, but that wouldn't fit the narrative of being able to sell services for password management and no doubt another thing the "security" community seems to be highly against.
I agree it's 100% stupid --- "all your eggs in one basket" is exactly the phrase that comes to mind for me too. Centralisation makes for one massive point of failure. If everyone stored passwords in their head or offline, it'd already make it much harder for attackers but there's no recurring $$$ for services in helping people do that. If people can be convinced to believe fake news, what other irrationalities can they be persuaded to believe? It's all just the power of marketing.
At the scale of present-day secured-systems use, this becomes fairly cumbersome quickly.
The typical person, as long ago as 2015, had around (and possibly over) 100 accounts. I'm seeing people referring to many hundreds managed by LastPass or other password-management systems.
Using, say, a paper-based system whether in a bound journal or a set of index or Rolodex cards, a 500-account archive would take up most of a journal, or a pretty hefty chunk of cards, and that archive itself would require physical security (though at least data exfiltration would be slower than from a digital archive). It's not the sort of thing you could easily carry around with you, or access from multiple locations, should you need to do so.
In corporate use, the problem is compounded by:
- Multiple people requiring access to systems.
- Both shared-account and multi-account systems (e.g., a shared root to servers, master DBA account, or embedded / appliance devices with a single account).
- Multi-office (or remote / home office) access.
- Multi-device access (as in people are accessing systems from multiple devices).
This doesn't necessarily mean that a third-party service is your best or only option, but it strongly tends toward a managed third-party system being convenient where "convenient" means "our business which lacks a true CISO role would be dead in the water without it".
Mind: I'm not defending LastPass here, and I don't use it. The solutions I've seen in the past which have impressed me most were based on managed SSH keys with SSH access to critical systems, and the bare minimum of shared accounts.
I'd also like to see:
1) Far fewer authenticated services where that authentication is not necessary. For the most part, if I can avoid creating a new account, I do. (My circumstances leave me considerable latitude that many people wouldn't have, in this regard.) Systems based on asserted identity through PGP seem to me one option (e.g., rather than logging in and posting content, you'd post PGP-signed content, which the remote system would vet. Similarly, reading private content would be encrypted against your keys. This doesn't address all account-based interactions, but it does cover a large bit of landscape.
2) Physical-token based security particularly based on NFC or Yubikey-type devices. Keep in mind that an earlier widely-used technology, RSA keyfobs which would generate one-time PINs as a 2FA, turned out to have a nasty vuln some years back.
But fewer accounts, PKI-based auth, and physical 2FA ... seem increasingly necessary changes.
As numerous others apparently do: I use a local, encrypted, password keystore that is not managed by a third-party service.
(And don't even get me started on third-party data privacy doctrines.)
If one site gets breached/exposed, your memorized username/password combination used all across the internet is now immediately available to the bad actors and you might not even know or remember everywhere it was used. Having a unique password for each site is the main advantage of a password manager to mitigate the damage in this case (to just the 1 site that was breached). Talking about your vault/passwords and "single basket" being obtained is relevant when using a password manager, especially with articles/news like this but just a different attack vector.
I don't think that having a unique password per site is unachievable. I do it and I don't use a PW manager. Even something as simple as prepending the site name in ROT13 to a reused password greatly reduces your exposure to the sort of background infosec threat radiation that's like 99.99% of the threat model for most people
That gets broken as soon as some site requires you rotate your password, or you choose to rotate it (maybe you entered it on a device you become suspicious of). Now how do you remember the password for every website? You could keep some kind of.. list, but then we are getting close to being back to password managers.
Cool, now go explain that to your parents. NOW make sure they go through and change every single password on every single account they currently have and don't just get annoyed like 5 passwords deep and decide not to bother.
The issue isn't you or me, it's what 99% of the world has to use. For the large majority of people, a password manager with one super strong password (and 2FA) makes WAY more sense.
> Even something as simple as prepending the site name in ROT13 to a reused password greatly reduces your exposure to the sort of background infosec threat radiation that's like 99.99% of the threat model for most people
If one goes with the infosec advice that you should calculate the entropy of passwords based on the assumption that the attacker knows the password scheme, then this password scheme provides zero entropy. So if there is zero cost for the cracker to pwn you as well as all the others that don’t have this kind of leetspeak obfuscation then you’re still pwned.
Yes my comment made a lot of assumptions, but the original post invited them I think. Reading the other comments from the original poster changes the tone of the original message a lot. I think for someone who knows the term "infosec" and has a mental algorithm, a password manager isnt necessary per-se. If we are talking about the general public, in a constantly evolving digital world, I think password managers are a good thing. I think this site is a tiny fraction of the potential userbase for a password manager
A local keepass is a great alternative, been doing that for ages and honestly copying my keepass db to a device every once in a while is way less troublesome than quadruple factoring into lastpass/1password or whatever.
Syncing is basically painless and automatic with Syncthing[0] - you only need to set it up once per device (unless you are adding devices frequently which isn't the typical usecase for personal use).
Having a different vendor for the frontend software and the cloud storage part does arguably increase security.
Let's say a national security agency wants access to your passwords. They can "easily" make LastPass send a custom version of the client to your browser. This custom version could send your password to LastPass, allowing them to decrypt your database.
To me it seems like it would be harder to ship a malicious KeePass program to a single user. Especially if that user has installed KeePass using their Linux OS package manager.
I use a mental algorithm that generates a unique password for each site. It's easy to remember the algorithm and I get a complex unique password for every site. I don't think a password existing outside of your head makes sense.
(though some sites force unique passwords/and password changes, which can be annoying as I have to remember to bump a value mentally for how many times i've been forced to do it, luckily for the most part it's not an issue)
If this was common, password hackers would encode such algorithms into password hackers, then once your password is leaked from one site,it's game over (I suspect the set of human brain easily executable algorithms isn't that large).
That’s great but for 95% of the population they’ll never do that. They’ll come up with a generic low security password that’s easy to both remember and type. And they’ll reuse essentially that same password on every site.
So, for your practices maybe a password manager is a step down. But for 95% of the popular it’s a step up.
Security is a spectrum, and password managers move most people to a more secure stance. You can yell at people that they can be more secure until you’re blue in the face, but most of them will shrug and ignore you.
I see, you left this out of your original post and it would have had me reply entirely different. This certainly can work for you and makes sense, expecting everyone to do this instead of using a tool to do this is unrealistic IMO. Everyone thinks about things differently and many people "dont care" about security and just want a password that works.
To those who are advocating storing the passwords in your head, what happens if a bus hits you and your partner has no idea about the passwords? You want to share the algorithm with them? What if they can't remember the algorithm/make a mistake? I would wager that keeping the secure database on cloud and/or a usb key along with master password in a bank safe deposit locker is a much safer way to pass the details to them.
Might as well store your online passwords in your email, since it’s used for password resets. Might feel weird but your email is your weakest link anyway.
The info LastPass and most other password managers I'd use have is useless even someone got it... sure they might get my email and what sites I stored passwords for, but the passwords themselves are not just sitting there in plain text or decreeable format able to be used.
> using a mental algorithm that generates a unique password per site.
If someone has access to one or more of your passwords and can reverse engineer your 'algorithm' then you have effectively just reused the same password everywhere. Even if you include some amount of memorized numbers or whatever the entropy is probably a lot lower than having an xkcd-strong password in a manager and randomized passwords stored in it.
No one has mentioned this to you yet, from what I can see, but Master Password[0] is basically what you're asking for. It is well worth it to switch to an implementation of that instead of your mental calculus.
> I believe there are alternatives that are more secure such as using a mental algorithm that generates a unique password per site.
Being completely honest, I consider this a terrible strategy. I seriously doubt your "algorithm" is anywhere close to as secure as you think it is. Humans suck at coming up with passwords, period, no matter how clever they think they are, and then memorizing those passwords is at least as difficult. Any algorithm that would actually be secure would take far too long to mentally apply to each website each time you visit it.
Fully featured password managers like 1Password can include much more than just usernames and passwords, which increases their value significantly. Otherwise, users absolutely store that incredibly important information in completely unencrypted places, often synced with the cloud, because it is important information that they need access to, and they want to make sure it doesn't get lost. There is tremendous value in having a user-friendly encrypted vault.
Since the entire vault is fully end to end encrypted with any decent password manager (like 1Password), the weaknesses that repeatedly affect LastPass do not ever apply here. The only thing that matters is having a strong password on your vault, and keeping that password secure. It doesn't matter if 1Password gets hacked, no one will even know what websites you have accounts on. Coincidentally, 1Password also doesn't have the same history of breaches that LastPass does.
The only other security risk beyond a weak password is a supply chain attack, where 1Password ships a compromised version of the 1Password client that steals your vault password, but this is significantly harder for a malicious actor to pull off than the breaches LastPass has dealt with, and any software vendor that you trust could be compromised and install a keylogger on your device, which would achieve the same outcome, so this is not specific to 1Password, and therefore I don't consider it very relevant to the discussion beyond mentioning that other people might bring it up.
> That's my personal approach and I think it's a better way to go.
It's really not, but someone who comes to the internet to rant about this stuff is so strongly convicted of their belief that I don't think I'm going to be able to change it, so I'll just leave it at that. I have cared a lot about cybersecurity for a long time, even before I worked in the cybersecurity industry for a few years, which gave me lots of additional exposure to experienced people and current events.
I have never recommended LastPass to anyone, and I would never recommend it to anyone. 1Password is a completely different story. There are valid open source alternatives, which you can self host, but most people (outside of this forum) are not going to succeed at hosting their own password manager, so it's important to find a trustworthy hosted option.
This is what I personally recomend to all non computer experts -- a passbook being stolen from home seems much less likely than a serious computer issue.
I am a LastPass user. Unfortunately. I have things in passwords notes field (like answers to security questions) because I assumed that the notes section was encrypted. Some comments here on HN made me think they are actually not encrypted. I asked if they were encrypted or not to LastPass support and to the support forum. That was 2 days ago and there has been no response. I’m going to take that as a no. I’m working right now to move off of LastPass. Unfortunately I have nearly 2,000 passwords on there, so it is taking forever.
How are you trying to move off such that it’s “taking forever”? Did you consider exporting your data from LastPass and importing the file into something like Bitwarden or KeePassXC?
Before deleting your account it would be good measure to update passwords to passwords you don't really use. You never know if deleted data is deleted from db as well.
For sure but we also don’t know how much “effective dated” data they store. If a backup from 3 months ago is leaked… what the pw on the acct was the day you deleted it won’t matter.
I'm attempting to call support and get them to give me this year's Premium subscription fee back. On the support page for deleting the account, there's a link to Contact Support. [1]
edit: A rep called right away. They will not give me my money back. It's in their terms and conditions that they won't even if there is a security breach and it's been longer than 30 days since I paid.
Well, the stopgap solution for this scenario is quite simple: Keepassxc + Keepassxc Browser Extension + Cloud Storage of your choice. OPAQUE is not covered but I'd argue that that would puttoo much of a restraint on the storage layer.
Both Keepassxc[0] and the browser extension are FOSS and the cloud storage may be FOSS, like Nextcloud or "just" whatever works for you rn (Google Drive, Seafile, ...). On android Keepassdx[2] (with autofill) can help too.
The only major pitfalls of this model is cross-device sync, i.e., you edit the file on device A while saving a change on B etc. Though this isn't really a problem if you (a) are using it alone or (b) make sure you keep backups. In case they do conflict it can merge multiple versions.
> Passkeys are awesome and I wish more sites implemented this.
99% of the time, websites that allow you to use a "Security Key" or "Fingerprint" are using WebAuthn, which is all that's needed for PassKeys to work, (besides a few sites that use a stricter webauthn config).
Best part is that it is really easy to export the passwords too!
I exported the passwords and imported them onto my self hosted instance of Vaultwarden. After activating the Bitwarden extension for Safari, all of my passwords are now synced to two places.
Just deleted my account - everything was fine. One thing to note, there's nowhere in the UI or account settings tab to delete my account. I had to go directly to the link.
> Just deleted my account - everything was fine. One thing to note, there's nowhere in the UI or account settings tab to delete my account. I had to go directly to the link.
That's the point OP is making - the button to do it from within the UI has been hidden with CSS attribute
display: none
it's there, but the fact that it was hidden with CSS suggests it was done deliberately to stem attrition.
After migrating to another password manager, do you also need to rotate all your passwords? Or at least the most sensitive ones? Or is the LastPass hack so far unlikely to compromise the passwords? (since I understand only encrypted data is in hacker's hands)
I'm not seeing a lot of clarity on what I should do as a LastPass user? Nothing? Move to 1Password? I can't use iCloud keychain because I use Chrome on Mac.
Yeah, I've been thinking it probably has a nicer UX and is the best option. It's not exactly clear to me if LastPass actually has bungled the security here or if its just FUD. Is 1Password better from a security perspective in any concrete way?
any password manager can be hacked, i had my master password for 20 characters with numbers, characters and special characters. It will take years to brute force and can i assume i have couple of months to change all of my 200 passwords? am i missing something
Even though this is correct, it doesn’t address all possible consequences. It looks like not all fields were encrypted: at a minimum URLs but also very likely fields like “notes” and more. If you had any sensitive info outside of username/password it’s recommended to start mitigating that.
Note: secure notes is not the same as the “notes” field. Secure notes are encrypted.
Edit: Also it is unclear whether records like Bank Accounts, Social Security Numbers, etc have been fully encrypted.
Use your browser's built-in password storage. You already trust your browser with your passwords, and it's always better to keep your attack surface small.
Offline-only is an additional attack surface reducing move. Sure, you may have to copy passwords manually between devices sometimes, but in practice it happens rarely enough not to matter.
I wonder if they checked this with the compliance department regarding their obligations to delete data under GDPR. I hope their Data Protection Officers have the time to respond to all of the thousands of relevant manual email requests and delete all of the data in a timely manner, if people are made aware they are legally required to honor those.
A lot of people here seem to be confused about what a breach of LastPass would actually mean. They should look into how LastPass actually works. Spoiler alert - they don't actually have your passwords, and anyone who hacked them and took all their data would not have your passwords either.
Except with unencrypted urls, combined with a dataset of previously leaked pws and someone who uses a pw at another leaked place as their master password … means that encrypted lastpass acct is now open.
After reaching out to support with screenshots, they fixed the issue and I gained full access, but it is clear to me that Lastpass uses 'display: none' as feature gating and that their software is absolute garbage.
This was 100% intentional on Lastpass' side